2.1 In these Controller Terms:
“Additional Terms for Non-European Data Protection Legislation” means the additional terms referred to in Appendix 1, which reflect the parties’ agreement on the terms governing the processing of certain data in connection with certain Non-European Data Protection Legislation.
“Affiliate” means an entity that directly or indirectly controls, is controlled by, or is under common control with, a party.
“Controller Data Subject” means a data subject to whom Controller Personal Data relates.
“Controller Personal Data” means any personal data that is processed by a party under the Agreement in connection with its provision or use (as applicable) of the Controller Services.
“Controller Services” means the Google products or services that incorporate this Agreement by reference in their terms of service or other agreements, including the “Controller Services” listed at business.safety.google/services.
“Data Protection Legislation” means, as applicable: (a) the European Data Protection Legislation; and/or (b) the Non-European Data Protection Legislation.
“EEA” means the European Economic Area.
“EU GDPR” means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
“European Controller Personal Data” means Controller Personal Data of Controller Data Subjects located in the EEA or Switzerland.
“End Controller” means, for each party, the ultimate controller of Controller Personal Data.
“European Data Protection Legislation” means, as applicable: (a) the GDPR; and/or (b) the Federal Data Protection Act of 19 June 1992 (Switzerland).
“GDPR” means, as applicable: (a) the EU GDPR; and/or (b) the UK GDPR.
“Google” means the Google Entity that is party to the Agreement.
“Google End Controllers” means the End Controllers of Controller Personal Data processed by Google.
“Google Entity” means Google LLC (formerly known as Google Inc.), Google Ireland Limited, or any other Affiliate of Google LLC.
“Non-European Data Protection Legislation” means data protection or privacy laws in force outside the EEA, Switzerland, and the UK.
“Standard Contractual Clauses” means the European Commission’s standard contractual clauses at business.safety.google/gdprcontrollerterms/sccs, which are standard data protection terms for the transfer of personal data to controllers established in third countries that do not ensure an adequate level of data protection, as described in Article 46 of the EU GDPR.
“Terms Effective Date” means, as applicable:
(a) 25 May 2018, if Customer clicked to accept or the parties otherwise agreed to these Controller Terms before or on such date; or
(b) the date on which Customer clicked to accept or the parties otherwise agreed to these Controller Terms, if such date is after 25 May 2018.
“UK Controller Personal Data” means Controller Personal Data of Controller Data Subjects located in the UK.
“UK GDPR” means the EU GDPR as amended and incorporated into UK law under the UK European Union (Withdrawal) Act 2018, if in force.
2.2 The terms “controller”, “data subject”, “personal data”, “processing” and “processor” as used in these Controller Terms have the meanings given in the GDPR, and the terms “data importer” and “data exporter” have the meanings given in the Standard Contractual Clauses.
2.3 Any examples in these Controller Terms are illustrative and not the sole examples of a particular concept.
2.4 Any reference to a legal framework, statute or other legislative enactment is a reference to it as amended or re-enacted from time to time.